[ https://issues.apache.org/jira/browse/HADOOP-16211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17194969#comment-17194969 ]
Ayush Saxena commented on HADOOP-16211: --------------------------------------- This landed up, upgrading guava from {{11}} to {{27}}, which are two incompatible versions. Can we do that in a non-major release? Quoting [~ste...@apache.org] from HADOOP-16210 {quote} what we should always that a release 3.X will work with code built on releases 3.(X-1), etc {quote} 3.2.0 is on {{11}} and further on {{27}} cc [~hexiaoqiao] > Update guava to 27.0-jre in hadoop-project branch-3.2 > ----------------------------------------------------- > > Key: HADOOP-16211 > URL: https://issues.apache.org/jira/browse/HADOOP-16211 > Project: Hadoop Common > Issue Type: Sub-task > Affects Versions: 3.2.0 > Reporter: Gabor Bota > Assignee: Gabor Bota > Priority: Major > Fix For: 3.2.1 > > Attachments: HADOOP-16211-branch-3.2.001.patch, > HADOOP-16211-branch-3.2.002.patch, HADOOP-16211-branch-3.2.003.patch, > HADOOP-16211-branch-3.2.004.patch, HADOOP-16211-branch-3.2.005.patch, > HADOOP-16211-branch-3.2.006.patch > > > com.google.guava:guava should be upgraded to 27.0-jre due to new CVE's found > CVE-2018-10237. > This is a sub-task for branch-3.2 from HADOOP-15960 to track issues on that > particular branch. -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org